NEWYou can now listen to Fox News articles!
Automotive giant Stellantis has just revealed that it suffered a data breach, exposing customer contact details, after attackers infiltrated a third-party platform used for North American customer services. The announcement comes at a time when large-scale attacks on cloud CRM systems have already shaken tech and retail sectors alike, with Salesforce clients such as Google, Allianz and Dior reporting similar intrusions. These earlier incidents exposed names, emails, and phone numbers, which were sufficient for attackers to launch phishing campaigns or extortion attempts.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter
TRANSUNION BECOMES LATEST VICTIM IN MAJOR WAVE OF SALESFORCE-LINKED CYBERATTACKS, 4.4M AMERICANS AFFECTED
What you need to know about the Stellantis breach
Stellantis was formed in 2021 through the merger of the PSA Group and Fiat Chrysler Automobiles. Today, it ranks among the world’s largest automakers by revenue and is fifth in volume globally. The company houses 14 well-known brands, including Jeep and Dodge, as well as Peugeot, Maserati and Vauxhall, and operates manufacturing infrastructure across more than 130 countries. That global scale naturally makes it a tempting target for cyber adversaries.
Stellantis confirmed hackers stole customer contact details in a recent breach. (Kurt “CyberGuy” Knutsson)
In its public statement, Stellantis clarified that only contact information was taken. Since the compromised third-party platform does not host financial or deeply sensitive personal data, Stellantis asserts that social security numbers, payment details and health records were out of reach of the attackers. In response, the company activated its incident response protocols, launched a full investigation, contained the breach, notified authorities and began alerting affected customers. It also issued warnings about phishing and urged customers not to click suspicious links.
Stellantis has not revealed how many customers the breach affected. The company also has not specified which contact fields, such as email, phone, or address, attackers accessed.
The alleged culprit, ShinyHunters, and Salesforce breaches
While Stellantis has not explicitly named the hacker group behind the breach, multiple sources tie this incident to the ShinyHunters extortion campaign, which has spearheaded a wave of data thefts targeting Salesforce this year.
ShinyHunters claims to have stolen over 18 million records from Stellantis’ Salesforce instance, which includes names and contact details, according to Bleeping Computer. These attacks form part of a broader campaign aimed at Salesforce customers. In recent months, ShinyHunters has often worked in concert with groups like Scattered Spider and targeted companies including Google, Cisco, Adidas, Allianz Life, Qantas, and brands under LVMH such as Dior and Tiffany & Co.
OVER 2B USERS FACE PHISHING RISKS AFTER GOOGLE DATA LEAK
The attack is linked to a wider wave of Salesforce data thefts this year. (Kurt “CyberGuy” Knutsson)
Their reported method is fairly ingenious. Attackers exploit OAuth tokens tied to integrations like Salesloft’s Drift AI chat tool to pivot into Salesforce environments. Once inside, they can harvest valuable metadata, credentials, AWS keys, Snowflake tokens and more.
In fact, the FBI recently issued a Flash alert that surfaced numerous indicators of compromise linked to these Salesforce environment attacks and warned organizations to harden defenses. The cumulative toll is staggering. ShinyHunters asserts it has stolen over 1.5 billion Salesforce records across some 760 companies.
7 ways to protect yourself from breaches like Stellantis
Even if only contact details were exposed, that’s enough for attackers to target you. Here’s how to stay protected.
1) Clean up exposed personal data from the web
Even basic contact details can be scraped from breaches and sold on data broker platforms, where they are used for spam, scams and targeted attacks. A data removal service can help track down and request the deletion of your information from these databases, reducing your long-term exposure.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.
Get a free scan to find out if your personal information is already out on the web: CyberGuy.com.
Stolen emails and phone numbers could fuel phishing campaigns. (REUTERS /Rebecca Cook)
2) Stay alert for phishing attempts and use antivirus software
The most immediate risk after a breach like this is targeted phishing. Attackers now have legitimate contact details, so their emails and texts can look convincingly real. Be skeptical of any message claiming to be from Stellantis, your car brand or a related service, especially if it urges you to click a link, download an attachment or share personal details.
The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com.
3) Use a password manager to secure your accounts
If attackers get your contact information, they may try the same password on other sites. This is called credential stuffing. A password manager can create strong, unique passwords for every account. That way, one breach will not put your other accounts at risk. It also helps you quickly update credentials in case you suspect a compromise.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 at CyberGuy.com.
DIOR DATA BREACH EXPOSES US CUSTOMERS’ PERSONAL INFORMATION
4) Enable two-factor authentication (2FA) wherever possible
2FA adds an extra step to your logins by requiring a temporary code or approval in addition to your password. Even if attackers manage to steal your password, they will need that second factor to gain access. This significantly reduces the chances of account takeover attempts succeeding.
5) Invest in identity theft protection
Attackers often combine exposed contact information with other data to build complete identity profiles. Identity theft protection services monitor for suspicious activity, such as unauthorized credit applications or changes to official records, and alert you early so you can act before serious damage occurs. Identity theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
See my tips and best picks on how to protect yourself from identity theft at CyberGuy.com.
6) Regularly review account activity
After a breach, it is worth auditing your accounts, not just with Stellantis but also with related services such as financing portals, insurance accounts or loyalty programs. Look for unusual sign-ins, unfamiliar devices, or changes to your personal details. Most services offer tools to review login history and security events, making checking these a routine habit.
CLICK HERE TO GET THE FOX NEWS APP
Kurt’s key takeaway
Even giants in manufacturing are vulnerable when cloud platforms and third-party systems are part of their customer workflow. The same patterns seen in attacks on Google, LVMH, and others have now reached the auto industry in a serious way. As Stellantis confronts the fallout, the broader lesson is clear. Organizations must treat the surfaces exposed by their service providers and SaaS integrations with as much vigilance as their own core systems.
Do you trust companies to secure your data, or do you feel they’re not doing enough? Let us know by writing to us at CyberGuy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
